{"title":"Improving network security using machine learning techniques","authors":"Shaik Akbar, J. A. Chandulal, K. N. Rao, G. Kumar","doi":"10.1109/ICCIC.2012.6510197","DOIUrl":null,"url":null,"abstract":"Discovery of malicious correlations in computer networks has been an emergent problem motivating extensive research in computer science to develop improved intrusion detecting systems (IDS). In this manuscript, we present a machine learning approach known as Decision Tree (C4.5) Algorithm and Genetic Algorithm, to classify such risky/attack type of connections. The algorithm obtains into consideration dissimilar features in network connections and to create a classification rule set. Every rule in rule set recognizes a particular attack type. For this research, we implement a GA, C.45 and educated it on the KDD Cup 99 data set to create a rule set that can be functional to the IDS to recognize and categorize dissimilar varieties of assault links. During our study, we have developed a rule set contain of six rules to classify six dissimilar attack type of connections that fall into 4 modules namely DoS, U2R, root to local and probing attacks. The rule produces works with 93.70% correctness for detecting the denial of service type of attack connections, and with significant accuracy for detecting the root to local, user to root and probe connections. 
Results from our experiment have given hopeful results towards applying enhanced genetic algorithm for NIDS.","PeriodicalId":340238,"journal":{"name":"2012 IEEE International Conference on Computational Intelligence and Computing Research","volume":"59 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"14","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 IEEE International Conference on Computational Intelligence and Computing Research","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCIC.2012.6510197","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 14
Abstract
Discovery of malicious correlations in computer networks has been an emergent problem motivating extensive research in computer science to develop improved intrusion detection systems (IDS). In this manuscript, we present a machine learning approach that uses the Decision Tree (C4.5) algorithm and a Genetic Algorithm (GA) to classify such risky/attack connections. The algorithm takes into consideration different features of network connections to create a classification rule set. Every rule in the rule set recognizes a particular attack type. For this research, we implemented GA and C4.5 and trained them on the KDD Cup 99 data set to create a rule set that can be applied to the IDS to recognize and categorize different types of attack connections. During our study, we developed a rule set consisting of six rules to classify six different attack types of connections that fall into 4 categories, namely DoS, U2R, root to local and probing attacks. The rules produced work with 93.70% accuracy for detecting denial-of-service attack connections, and with significant accuracy for detecting the root to local, user to root and probe connections. Results from our experiment are promising for applying an enhanced genetic algorithm to NIDS.